1. Field of the Invention
Embodiments of the present invention relate generally to messaging systems and, more particularly, to secure transfer of messages.
2. Description of Related Art
Alert messages have proven useful for informing a class of interested users of a change in circumstance associated with a given item or task. Alert messaging may be the process of reliably and securely disseminating messages to interested users associated with the task or event. Alert messaging may involve the use of a network, such as, but not limited to, a computer network, for securely distributing messages to user stations associated with the interested users. Such computer and/or network based systems for providing alert messages are useful for automating the generation, transmission and reception of these messages. An example of such an automated system that can be used for providing alert messages over a network is the MQ™ series of products available from IBM® Corporation, including the IBM® Websphere™ MQ™ product. Such systems may be typically used to support application-to-application communication, but not real-time message transmission to recipients using a public network.
Due to the important information that may be conveyed by the alert messages, it is desirable to secure the network against access by unauthorized users and to prevent false or corrupted alert messages from being intentionally propagated, as well as to prevent alert messages from being intentionally removed or deleted (e.g., stolen), as a result of which an action that needs to be taken as a result of a message may never take place because the proper recipient never received the alert. For example, alert messages may provide to a financial analyst updates on the status of an executed trade as it progresses from execution to settlement. Untrusted clients connecting to the system through exposed ports may pose a variety of security risks. In particular, loss of a message that provides information of a trade that must be reviewed and approved before it is sent to the exchange for execution can have a dramatic impact. During the time the message is being reviewed, the market conditions continue to change. If there was only one reviewer and that message were stolen, that review would never be communicated to the proper user and that trade would never be approved and thus would never execute.
Products have been developed to address these security concerns, including the MQSecure™ product available from Candle Corporation of El Segundo, Calif. and IBM®'s Policy Director™ for MQ.™ However, these MQ™ systems used for messaging do not provide secure alert messaging for external user clients that are not MQ™ clients (i.e., a client that requires the use of MQ™ client or Candle Corporation client software). Furthermore, these products may require use of a two-way handshake security protocol.